Ahmed.Attia

Thinking out of the SandBox

Sameh Emam

Media information

Album
Cairo Security Camp (CSCAMP15)

Caption

Security breaches driven by malware are wreaking havoc across enterprises and causing all sorts of maladies, from network disruptions due to DDoS usage to payment card information leakage. These forms of attack have been designed to escape conventional anti-virus and firewall controls and have proven to be extraordinarily hard to detect and remediate.

To address this threat, we have to build next-generation Advanced Malware Protection, which is a series of tools and techniques based around on-prem sandboxing and cloud-based sandboxing technologies that allow us to rapidly hunt down breaches found in our networks.

In the first part of this presentation we will provide some historical details on how malware has evolved from being passed around on floppy disks to our current environment where defenders face off against attackers supplied by a highly diversified marketplace of attack tools.

We will show what a modern breach looks like from inside the FireAMP product, and will show how, through a combination of visualization of system activity and sandboxing pieces of malware, you can quickly understand how you were infected and what the malware has done post-infection.

We will also show you how you can go back through the history of system behavior to find other machines that were similarly compromised, and fix the issues from a central location. Real-world examples will be used for this presentation.
